4. Reflex: vWatch
Fully integrated component of the Reflex VMC platform
Monitoring and analysis module which provides a comprehensive overview of the state of the virtual
environment at any given time
Through real-time and historical visual reporting, configuration change monitoring, and extensive
correlation, vWatch provides administrators with the visibility they need
The ability to visualize both the virtual and underlying hardware infrastructure has become mission critical
for IT administrators
Functions:
Virtual Flow Data
Historical tracking
Physical-to-Virtual
Configuration
Compliance Audit
Root-cause Analysis
6. Virtual Networking Visibility
H i s to r i c a l t ra c k i n g
P hys i c a l - to - V i r t u a l
C o n f i g u ra t i o n
Compliance
Ro o t - c a u s e A n a l ys i s
7. Reflex: vProfile
vProfile provides an API that enables service providers and enterprises to provision and
manage security and compliance without the dependency on expensive external hardware
vProfile configuration management is the only solution on the market today that provides
‘difference visualization’, and plots VM configuration changes according to a graphical, easy
to understand "heat map" interface
Functions:
Apply Baseline Profile
Configuration
Heat map and Customized
Pivot Tables
Ad-Hoc and
Scheduled Remediation
VQL Configuration Queries
Tiered Configuration Profiles
Historical Profile Definition
Batch Modification
IP Pool Allocation
8. Reflex: vTrust Segmentation & Security
Fully integrated component of the Reflex VMC platform
Designed to be integrated directly with the VMware VMsafe platform technology
Provides dynamic policy enforcement for virtual environments deployed locally and in external cloud
environments
Operating at the hypervisor kernel level, vTrust leverages the tightly integrated VMsafe component of
VMware vSphere™ 4
Facilitates adaptive, extensible policies that allow administrators to address complex business,
information security and compliance requirements within the virtual environment
Functions:
Virtual Segmentation
Virtual Quarantine
Networking Policy
Stateful Inspection
Agentless
8
9. VMware VMsafe Integration
• Low-Level Enforcement Policy
• Part of the Hypervisor VM
ACLs
• VM Network Segmentation/Firewall
VMsafe
• Multi-Virtual Center Aware
• vMotion Aware
• Policy Mobility
vmSafe Kernel Module
(d)vSwitch
ESX Hypervisor
10. Software Asset Management
•No Agents to Install
•Independent of State
•Power
•Templates
•Policy Criteria
•NAC
•Posture Checking
•Maintain Compliance
11. Automation: Policy and Enforcement
Policy Types Enforcement Points
•Segmentation (Firewall) Network
•Quarantine (NAC, Posture)
Network •Redirection (IDP, Capture) • Reflex VMsafe
•Configuration (VLAN, QoS)
• 3rd Party (TippingPoint)
• VI API
•Storage
•Network Connection
Guest •Software (OS, App, Patch) Infrastructure
•Authorization
• VI API
•Access Control
• 3rd Party API/DB/CLI
•Authorization
vCenter •Resource Pools
Generic
•Storage
• Generic Programmable (Python)
Device •Chassis (UCS, Blade Ctr) • Element Managers
•Switch
•Security Device
• Orchestration / Provisioning
Config • Notification
11